Systems Engineer III, Cybersecurity Penetration Tester

About The Position

Requirements

• Bachelor's degree in computer science, Information Security, Cybersecurity, or related field (or equivalent experience).
• Five (5) or more years of hands-on experience in penetration testing or ethical hacking, preferably in enterprise or regulated environments.
• Advanced security-related industry certifications (e.g., OSCP, GPEN) required.
• Advanced proficiency with tools such as Burp Suite, Nmap, Metasploit, Nessus, Kali Linux, Wireshark, Social Engineering Toolkit, and cloud-specific testing frameworks.
• Thorough understanding of Adversary TTPs and ability to emulate them in assessments.
• Strong knowledge of network protocols, operating systems (Windows, Linux), web technologies, and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25).
• Experience in red teaming, vulnerability assessment, and reporting.
• Excellent problem-solving, analytical, and communication skills (written and verbal).
• Ability to work independently and lead engagements while collaborating in a team environment.
• Proficient in exploit development and scripting languages such as Python, Ruby, Go, etc.

Nice To Haves

• Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), or other relevant certifications (OSCE, GXPN, CEH, or equivalent).

Responsibilities

• Plan, execute, and lead complex penetration tests, including internal, external, web application, network, mobile, IoT, API, social engineering, and cloud (e.g., AWS, Azure) assessments.
• Perform red team engagements to simulate attacks and advanced persistent threats, highlighting gaps in security controls; some travel and on-site engagements required.
• Identify, exploit, and document vulnerabilities using manual and automated techniques, adhering to methodologies and frameworks like OWASP Top 10, PTES, and MITRE ATT&CK.
• Analyze testing results, assess risks, and produce detailed reports with findings, exploitation procedures, risk ratings, and actionable remediation recommendations.
• Collaborate with client development, IT, and security teams to validate fixes, retest vulnerabilities, and improve overall security practices.
• Mentor junior penetration testers, provide training on tools and techniques, demonstrate continuous learning, and contribute to team knowledge sharing.
• Develop or customize scripts, tools, and methodologies to enhance testing efficiency and coverage.
• Stay current with emerging threats, vulnerabilities, exploits, and offensive security trends.
• Communicate technical findings clearly to non-technical stakeholders, including senior management.

Benefits

• Flexible paid time off
• 5% 401K matching program
• Equity opportunities
• Incentive and bonus programs
• Up to 16 weeks of paid parental leave
• Flexible spending accounts
• Full-health benefits with base employee coverage fully funded, comprising:
• Medical, dental, and vision coverage
• Life insurance
• Short and long-term disability coverage
• Income protection benefits